Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mcafee agent vulnerabilities and exploits
(subscribe to this query)
4.9
CVSSv3
CVE-2019-3619
Information Disclosure vulnerability in the Agent Handler in McAfee ePolicy Orchestrator (ePO) 5.9.x and 5.10.0 before 5.10.0 update 4 allows remote unauthenticated malicious user to view sensitive information in plain text via sniffing the traffic between the Agent Handler and t...
Mcafee Epolicy Orchestrator 5.9.0
Mcafee Epolicy Orchestrator 5.9.1
Mcafee Epolicy Orchestrator 5.10.0
NA
CVE-2006-5271
Integer underflow in McAfee ePolicy Orchestrator 3.5 up to and including 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and previous versions allows remote malicious users to execute arbitrary code via a crafted UDP packet, which causes stack co...
Mcafee E-business Server 3.6.1
Mcafee Protectionpilot 1.1.1
Mcafee Protectionpilot 1.5.0
Mcafee E-business Server 3.5
NA
CVE-2003-0149
Heap-based buffer overflow in ePO agent for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote malicious users to execute arbitrary code via a POST request containing long parameters.
Mcafee Epolicy Orchestrator 2.5
Mcafee Epolicy Orchestrator 2.0
Mcafee Epolicy Orchestrator 2.5.1
6.5
CVSSv3
CVE-2021-23890
Information leak vulnerability in the Agent Handler of McAfee ePolicy Orchestrator (ePO) before 5.10 Update 10 allows an unauthenticated user to download McAfee product packages (specifically McAfee Agent) available in ePO repository and install them on their own machines to have...
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
5.4
CVSSv3
CVE-2022-3338
An External XML entity (XXE) vulnerability in ePO before 5.10 Update 14 can lead to an unauthenticated remote malicious user to potentially trigger a Server Side Request Forgery attack. This can be exploited by mimicking the Agent Handler call to ePO and passing the carefully con...
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
NA
CVE-2012-4590
Multiple cross-site scripting (XSS) vulnerabilities in About.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) prior to 10.0 might allow remote malicious users to inject arbitrary web script or HTML via the (1) User Agent or (2) Connection variable.
Mcafee Enterprise Mobility Manager 4.7
Mcafee Enterprise Mobility Manager
6.5
CVSSv3
CVE-2022-2330
Improper Restriction of XML External Entity Reference vulnerability in DLP Endpoint for Windows before 11.9.100 allows a remote malicious user to cause the DLP Agent to access a local service that the attacker wouldn't usually have access to via a carefully constructed XML f...
Mcafee Data Loss Prevention Endpoint
NA
CVE-2008-1855
FrameworkService.exe in McAfee Common Management Agent (CMA) 3.6.0.574 Patch 3 and previous versions, as used by ePolicy Orchestrator (ePO) and ProtectionPilot (PrP), allows remote malicious users to corrupt memory and cause a denial of service (CMA Framework service crash) via a...
Mcafee Cma
1 EDB exploit
NA
CVE-2003-0610
Directory traversal vulnerability in ePO agent for McAfee ePolicy Orchestrator 3.0 allows remote malicious users to read arbitrary files via a certain HTTP request.
Mcafee Epolicy Orchestrator 3.0
10
CVSSv3
CVE-2016-8027
SQL injection vulnerability in core services in Intel Security McAfee ePolicy Orchestrator (ePO) 5.3.2 and previous versions and 5.1.3 and previous versions allows malicious users to alter a SQL query, which can result in disclosure of information within the database or impersona...
Mcafee Epolicy Orchestrator
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »